Is 迅雷下载支持 safe to use?

迅雷下载支持 has a risk level of CRITICAL with an overall risk score of 9.6/10. Our scan detected 46 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does 迅雷下载支持 request?

迅雷下载支持 requests the following permissions: contextMenus, cookies, tabs, webRequest, downloads, nativeMessaging, storage, scripting, notifications. It also requests host access to: , http://*/*, https://*/*, ftp://*/*.

What is 迅雷下载支持's risk score?

迅雷下载支持 has an overall risk score of 9.6/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 10.0/10, CSP 5.9/10.

ExtSafe

迅雷下载支持Security Analysis

Chromev3.52.14MV3February 16, 2026 at 02:19 PM

9.6CRITICAL

9.6 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 13 permissions including high-risk ones, 36 code findings, 4 dangerous combinations.

Dangerous Combinations(4)

CRITICALCookie access + external network

Extension has cookie access and sends data to external servers — potential session token theft.

cookies+external network request

HIGHTab tracking + external communication

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

tabs+external network request

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

10.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

5.9/10

Permissions(13 analyzed)

Code Findings(16 patterns, 36 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM

web_accessible_resourcesJS files exposed to web pages

JavaScript files are exposed as web-accessible resources. Matched websites can load and interact with extension scripts.

External Domains(12)

127.0.0.1api-shoulei-ssl.xunlei.comdown.sandai.netgithub.comhttpsjsq.xunlei.commac.xunlei.commisc-xl9-ssl.xunlei.comsl-m-ssl.xunlei.comstat.download.xunlei.comstatic-xl.a.88cdn.comwww.xunlei.com